I have to post a message from my android application to Google Reader. I'm Authenticating with ClientLogin and using the Google Reader API.When I'm trying to send the authentication request it's giving an error.
HTTP/1.1 404 Not Found
I think the client was able to communicate with the server but the server could not find what was requested.I'm giving the following url
postURL = "http://www.google.com/reader/api/0/edit" as
HttpPost post = new HttpPost(postURL);.
Please tell me the solution to resolve this issue.
If you're using ClientLogin you will probably need only 2 kinds of tokens to do what you need with the unnoficial Google Reader API:
Authentication Token - This is the main authentication token, and you'll need to send this in the header of every GET/POST request to the API, otherwise you'll get an error (not the one you're having, though). You can do a POST to this url for this (I have a full code example ahead): https://www.google.com/accounts/ClientLogin
Edit Token - This is the edit token, and you'll need to send this as a form parameter of POST request to any edit APIs (like the http://www.google.com/reader/api/0/edit you've mentioned). You can do a GET to this url for this (I have a code example ahead): http://www.google.com/reader/api/0/token
Getting to the 404 error you're reporting, it must be that you have a typo in your url. Copy my url and try it out. Double check it, side by side. Here is the Java code I've used for this - you can try it out also:
private static final String _AUTHPARAMS = "GoogleLogin auth=";
private static final String _GOOGLE_LOGIN_URL = "https://www.google.com/accounts/ClientLogin";
private static final String _READER_BASE_URL = "http://www.google.com/reader/";
private static final String _API_URL = _READER_BASE_URL + "api/0/";
private static final String _TOKEN_URL = _API_URL + "token";
private static final String _USER_INFO_URL = _API_URL + "user-info";
private static final String _USER_LABEL = "user/-/label/";
private static final String _TAG_LIST_URL = _API_URL + "tag/list";
private static final String _EDIT_TAG_URL = _API_URL + "tag/edit";
private static final String _RENAME_TAG_URL = _API_URL + "rename-tag";
private static final String _DISABLE_TAG_URL = _API_URL + "disable-tag";
private static final String _SUBSCRIPTION_URL = _API_URL
+ "subscription/edit";
private static final String _SUBSCRIPTION_LIST_URL = _API_URL
+ "subscription/list";
public static String getGoogleAuthKey() throws IOException {
String _USERNAME = "USER_EMAIL#gmail.com";
String _PASSWORD = "USER_PASSWORD";
Document doc = Jsoup
.connect(_GOOGLE_LOGIN_URL)
.data("accountType", "GOOGLE", "Email", _USERNAME, "Passwd",
_PASSWORD, "service", "reader", "source",
"[YOUR_APP_ID_GOES_HERE].apps.googleusercontent.com")
.userAgent("[YOUR_APP_ID_GOES_HERE].apps.googleusercontent.com")
.timeout(4000).post();
// RETRIEVES THE RESPONSE TEXT inc SID and AUTH. We only want the AUTH
// key.
String _AUTHKEY = doc
.body()
.text()
.substring(doc.body().text().indexOf("Auth="),
doc.body().text().length());
_AUTHKEY = _AUTHKEY.replace("Auth=", "");
return _AUTHKEY;
}
You can see a code example for getting the edit token and doing an edit in my answer to this other question.
See my answer to this one if you want documentation (unofficial but well structured) - there is no official doc...
The code is based on http://www.chrisdadswell.co.uk/android-coding-example-authenticating-clientlogin-google-reader-api/
Related
Suggest me one API to retrieve items based on URL (just like if we give drive id it will retrieve all the details same like if we give URL it should retrun details what inside those folders )
private static final String URL_LIST_DRIVES = "https://graph.microsoft.com/v1.0/me/drives";
private static final String URL_LIST_DRIVE_ITEMS = "https://graph.microsoft.com/v1.0/me/drives/%s/root/children";
private static final String URL_LIST_FOLDER_ITEMS = "https://graph.microsoft.com/v1.0/me/drives/%s/items/%s/children";
private static final String URL_ITEM_CONTENT = "https://graph.microsoft.com/v1.0/me/drives/%s/items/%s/content";
SignupUrl signupUrl = androidManagementClient
.signupUrls()
.create()
.setProjectId(CLOUD_PROJECT_ID)
.setCallbackUrl(CALLBACKURL).execute();
causes the app to crash due to NPE
Caused by: java.lang.NullPointerException: Attempt to invoke virtual method 'com.google.api.services.androidmanagement.v1.AndroidManagement$SignupUrls com.google.api.services.androidmanagement.v1.AndroidManagement.signupUrls()' on a null object reference
Has anyone seen this before? I've followed all the prerequisites to developing and am currently going of off the sample app, and this is the piece of code that crashes. What could be the reason?
https://developers.google.com/android/management/sample-app
Update as per request:
Code
EnterpriseHelperClass - I'd like to do this programmatically even though I know this can easily be executed via the quickstart guide.
public class EnterpriseCreationHelper {
private static final String CALLBACKURL =
"https://play.google.com/work/adminsignup?enterpriseToken";
private static final String TAG = "MainActivity";
private static String CLOUD_PROJECT_ID = "******-";
private static String SERVICE_ACCOUNT = "****#****-.iam.gserviceaccount.com";
private static String CREDENTIALS_FILE =
"/Users/****/appname/src/******.json";
private static String POLICY_ID = "samplePolicy";
private static AndroidManagement androidManagementClient;
public EnterpriseCreationHelper(AndroidManagement androidManagementClient){
EnterpriseCreationHelper.androidManagementClient = androidManagementClient;
}
public void run() throws IOException {
Your androidManagementClient value is null.
Kindly share the initialisation method of androidManagementClient it will be helpful for us to answer
Thanks
Looks like getAndroidManagementClient is returning a null object, which results in setting androidManagementClient to null. Make sure your credentials are correct, and that this method returns successfully.
I am working on integrating my application Walmart Marketplace API using Ruby on Rails.
1. if i try to generate Auth signature for multiple parameters, it does not generate it and returns exceptions. I am using a Jar file to generate Auth signature
For e.g. -: https://marketplace.walmartapis.com/v3/orders?createdStartDate=2016-09-13&createdEndDate=2016-09-23
Does anyone generate Auth Signature & timestamp for multiple parameter for Walmart Marketplace API
2. Does Auth Signature & timestamp need to be generated for each API call for e.g . Pagination call Also?
Does Authentication need to do for each call?
Additional Comments
I know it is a month later and you already have your program figured out but in case you need some help with these parts or anyone else does, I thought I would include the following information I have on the Walmart API.
1.You might want to consider building a method in ruby since it'll be more interactive with the rest of your ruby program, it was kind of difficult but when I was doing it the most difficult part was wrapping the string in the with the SHA256 digest of string to sign. So I threw together a few methods and it works:
pem = make_pem('PRIVATE KEY', encodedKeyBytes)
digest = OpenSSL::Digest::SHA256.new
pkey = OpenSSL::PKey::RSA.new(pem)
signature = pkey.sign(digest, stringToSign)
def make_pem(tag, der)
box tag, Base64.strict_encode64(der).scan(/.{1,64}/)
end
def box(tag, lines)
lines.unshift "-----BEGIN #{tag}-----"
lines.push "-----END #{tag}-----"
lines.join("\n")
end
It's not perfect but ruby doesn't really have the functionality built in so you have to change it around to get it to work. If this still doesn't work feel free to contact me, but I started out using the jar they provide and I promise it is necessary when you are making thousands of different calls a day with different parameters and urls to be able to find the point of failure and if it isn't in ruby its going to be a lot harder to work with and fix.
2/3. You already answered that these need to be included in every call to the API and I don't really have anything else to add here except to not try to find a way around this, like submitting the same time stamp for a batch of calls. Even though it might work if the calls are made within a certain time window, Walmart uses the time stamp to determine which call came in last which is especially important for things like their price API. Again feel free to email me with any questions, I'll try to respond here too but I don't this website that often.
The variable names I am using these variable names just to reference the code provided in the walmart developer guide. I am just going to translate the java code there to ruby to show how I got the values for stringToSign and encodedKeyBytes.
# This is provided to you by walmart
consumerId = "b68d2a72...."
# Also provided by walmart
privateEncodedStr = "MIICeAIBADANBgkqhkiG9w0BAQEFAA......"
# Full path
baseUrl = "https://marketplace.walmartapis.com/v2/feeds"
# HTTP Method Verb
httpMethod = "GET"
timestamp = (Time.now.to_f * 1000).to_i.to_s
stringToSign = consumerId + "\n" + baseUrl + "\n" + httpMethod + "\n" + timestamp + "\n"
encodedKeyBytes = Base64.decode64(privateEncodedStr)
From there you just run it through the original code and then base64 encode the signature and remove white spaces and then you're good to make a request.
In Order to generate multiple parameter pass string as by escaping sting.
Auth Signature & timestamp need to be generated for each API call for e.g . Pagination call Also
if i try to generate Auth signature for multiple parameters, it does not generate it and returns exceptions. I am using a Jar file to generate Auth signature.
USE SHA class instead of jar file =>
It will generate signature for multiple parameters also.
import org.apache.commons.codec.binary.Base64;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
public class SHA256WithRSAAlgo {
private static String consumerId = "b68d2a72...."; // Trimmed for security reason
private static String baseUrl = "https://marketplace.walmartapis.com/v2/feeds";
private static String privateEncodedStr = "MIICeAIBADANBgkqhkiG9w0BAQEFAA......"; //Trimmed for security reasons
public static void main(String[] args) {
String httpMethod = "GET";
String timestamp = String.valueOf(System.currentTimeMillis());
String stringToSign = consumerId + "\n" +
baseUrl + "\n" +
httpMethod + "\n" +
timestamp + "\n";
String signedString = SHA256WithRSAAlgo.signData(stringToSign, privateEncodedStr);
System.out.println("Signed String: " + signedString);
}
public static String signData(String stringToBeSigned, String encodedPrivateKey) {
String signatureString = null;
try {
byte[] encodedKeyBytes = Base64.decodeBase64(encodedPrivateKey);
PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(encodedKeyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
PrivateKey myPrivateKey = kf.generatePrivate(privSpec);
Signature signature = Signature.getInstance("SHA256withRSA");
signature.initSign(myPrivateKey);
byte[] data = stringToBeSigned.getBytes("UTF-8");
signature.update(data);
byte[] signedBytes = signature.sign();
signatureString = Base64.encodeBase64String(signedBytes);
} catch (Exception e) {
e.printStackTrace();
}
return signatureString;
}
}
Does Auth Signature & timestamps need to be generated for each API call for e.g . Pagination call Also?
YES, for each and every call including pagination , you need to generate new Signature and Timestamps.
Does Authentication need to do for each call?
YES, Authentication need to do for each call.
I am having an issue and think I may be missing something with RestSharp.
I am authorizing and getting back a cookie just fine... see below. But then when I call to get the data it returns unauthorized. It works just fine in Postman but not in the code below. I am using a console app and I have tried to send the cookie via AddHeader, AddCookie, and just as a parameter. The responseLogin does contain the correct cookie. Any help would be great.
Dim clientLogin = New RestClient("http://[URI to Authorize]............")
Dim requestLogin = New RestRequest(Method.POST)
requestLogin.AddParameter("application/x-www-form-urlencoded", "[Username and password here.....]", ParameterType.RequestBody)
Dim responseLogin As IRestResponse = clientLogin.Execute(requestLogin)
Dim client = New RestClient("http://[URI to get data]............")
Dim request = New RestRequest(Method.GET)
request.AddHeader("Cookie", responseLogin.Cookies(0).Value.ToString)
request.AddHeader("Accept", "application/json")
Dim response As IRestResponse = client.Execute(request)
The Cookie header needs to contain the name and value for the cookie, e.g.
Dim authCookie = responseLogin.Cookies(0) ' Probably should find by name
request.AddHeader("Cookie", String.Format("{0}={1}", authCookie.Name, authCookie.Value))
However, the documentation (I've never used RestSharp personally) says that RestSharp has automatic support for cookies, so if you reuse the RestClient instance and set the CookieContainer you shouldn't need to do anything to handle the cookies manually (unless you want to, which in some cases may be preferable).
Dim client = New RestClient(New Uri("[Base URI...]"))
client.CookieContainer = New System.Net.CookieContainer()
Dim requestLogin = New RestRequest("[login page path]", Method.POST)
requestLogin.AddParameter("application/x-www-form-urlencoded", "[Username and password here.....]", ParameterType.RequestBody)
Dim responseLogin As IRestResponse = client.Execute(requestLogin)
Dim request = New RestRequest("[data api path", Method.GET)
request.AddHeader("Accept", "application/json")
Dim response As IRestResponse = client.Execute(request)
You could probably just reuse the cookie container with different RestClient instances instead of reusing the client.
I had the same issue on RestClient .NET framework 4.5.2 version.
It turns out you have to implement the IAuthenticator interface.
public class MyAuth : IAuthenticator
{
readonly string _password;
readonly string _passwordKey;
readonly string _username;
readonly string _usernameKey;
public MyAuth(string usernameKey, string username, string passwordKey, string password)
{
_usernameKey = usernameKey;
_username = username;
_passwordKey = passwordKey;
_password = password;
}
public void Authenticate(IRestClient client, IRestRequest request)
=> request
.AddCookie(_usernameKey, _username)
.AddCookie(_passwordKey, _password);
//.AddParameter(_usernameKey, _username)
//.AddParameter(_passwordKey, _password);
}
I did this and my request worked.
I have visited and read all the Valence, and specifically the REST API, pages. I have one approved key already and a second key that has not yet been approved by D2L, and it's not clear how I request that approval.
The documentation contains a lot of information, but it is difficult to put all the pieces together. For example, in order to make any REST API call, I have to add several parameters to the end of the call. The parameters are documented in one place, but it isn't clear in some cases how to construct them (for example, one of the keys is to contain the url, timestamp, and the type of call being made, but how are they to be concatenated?). Then they have to be signed, and the documentation that tells how to sign the keys is in a completely different page that is not even referenced from the page that tells you that you have to sign the parameters. On top of that, the documentation is not extremely clear about how to do the signing, and offers no further explanation or examples. So to get anywhere, we have to jump around a lot through the documentation, and go through a whole lot of trial and error. It appears that the documentation assumes that the reader has expertise in several areas, which may or may not be true.
Code examples would make a huge difference.
There aren’t a lot of samples yet; we are working to add more, and to make the ones that are present more obvious. As one example, there is a Java Android app that has all the authentication stuff and some basic calls (including the call “whoami” which is a great test call).
The specific auth related files are available as well. From the D2LSigner class, you can see the signing algorithm we use:
Mac hmacSha256 = Mac.getInstance("hmacSHA256");
byte[] keyBytes = key.getBytes("UTF-8");
Key k = new SecretKeySpec(keyBytes, "hmacSHA256");
hmacSha256.init(k);
byte[] dataBytes = data.getBytes("UTF-8");
byte[] sig = hmacSha256.doFinal(dataBytes)
String sigString = base64Url( sig );
From D2LOperationSecurityImpl, you can see how the query string fits together:
//uppercase METHOD, lowercase PATH, timestamp as string
private static /*final*/ String BASE_STRING_TEMPLATE = "{0}&{1}&{2}";
private static /*final*/ String APP_ID_QUERY_NAME = "x_a";
private static /*final*/ String APP_SIG_QUERY_NAME = "x_c";
private static /*final*/ String USER_ID_QUERY_NAME = "x_b";
private static /*final*/ String USER_SIG_QUERY_NAME = "x_d";
private static /*final*/ String TIMESTAMP_QUERY_NAME = "x_t";
...
#Override
public Uri createAuthenticatedUri(String path, String httpMethod) {
long timestamp = System.currentTimeMillis() +
mServerSkewCorrectionMillis.longValue();
Long timestampObjectSeconds = new Long(timestamp/1000);
Object[]formatParms = {httpMethod.toUpperCase(),
path.toLowerCase(),
timestampObjectSeconds.toString()};
String signatureBaseString = MessageFormat.format(BASE_STRING_TEMPLATE,
formatParms);
String appSig = D2LSigner.base64URLSig(mAppKey, signatureBaseString);
String userSig = D2LSigner.base64URLSig(mUserKey, signatureBaseString);
if ((appSig == null) || (userSig == null)) {
return null;
}
String scheme = mEncryptOperations?ENCRYPED_SCHEME:PLAIN_SCHEME;
Uri.Builder b = new Uri.Builder();
b.scheme(scheme);
b.authority(mHostName);
b.path(path);
b.appendQueryParameter(APP_ID_QUERY_NAME, mAppID);
b.appendQueryParameter(APP_SIG_QUERY_NAME, appSig);
b.appendQueryParameter(USER_ID_QUERY_NAME, mUserID);
b.appendQueryParameter(USER_SIG_QUERY_NAME, userSig);
b.appendQueryParameter(TIMESTAMP_QUERY_NAME, timestampObjectSeconds.toString());
Uri securedURI = b.build();
return securedURI;
}
Also, you need to sign the first URL you use for logging in, but only with the application key (because you haven't yet established a user context). It uses a different base string (to protect the URL that is used during auth):
String signature = D2LSigner.base64URLSig(mAppKey, resultURLString);
BasicNameValuePair appID = new BasicNameValuePair(APP_ID_NAME, mAppID);
BasicNameValuePair appSig = new BasicNameValuePair(APP_SIG_NAME, signature);
BasicNameValuePair callbackURL = new BasicNameValuePair(CALLBACK_NAME, resultURLString);